hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-05 15:16:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
baec4adbb1fd8c0550091517f9eb59cb3d94de0a
codeql/csharp/ql/test/experimental/Security Features/CWE-614/RequireSSLFalseSystemWeb/Program.cs
Michael Nebel 94d81b501b C#: Base the CWE-614 tests purely on stubs.
2023-12-13 10:07:57 +01:00

51 lines
1.3 KiB
C#
Raw Blame History

class Program
{
void CookieDirectTrue()
{
var cookie = new System.Web.HttpCookie("cookieName");
cookie.Secure = true; // GOOD
}
void CookieDirectTrueInitializer()
{
var cookie = new System.Web.HttpCookie("cookieName") { Secure = true }; // GOOD
}
void CookieDirectFalse()
{
var cookie = new System.Web.HttpCookie("cookieName");
cookie.Secure = false; // BAD
}
void CookieDirectFalseInitializer()
{
var cookie = new System.Web.HttpCookie("cookieName") { Secure = false }; // BAD
}
void CookieIntermediateTrue()
{
var cookie = new System.Web.HttpCookie("cookieName");
bool v = true;
cookie.Secure = v; // GOOD: should track local data flow
}
void CookieIntermediateTrueInitializer()
{
bool v = true;
var cookie = new System.Web.HttpCookie("cookieName") { Secure = v }; // GOOD: should track local data flow
}
void CookieIntermediateFalse()
{
var cookie = new System.Web.HttpCookie("cookieName");
bool v = false;
cookie.Secure = v; // BAD
}
void CookieIntermediateFalseInitializer()
{
bool v = false;
var cookie = new System.Web.HttpCookie("cookieName") { Secure = v }; // BAD
}
}
Reference in New Issue View Git Blame Copy Permalink